PatchSiren cyber security CVE debrief
CVE-2023-35823 Siemens CVE debrief
A use-after-free vulnerability exists in the Linux kernel's SAA7134 video capture driver, specifically in the saa7134_finidev function within drivers/media/pci/saa7134/saa7134-core.c. This flaw affects Linux kernel versions prior to 6.3.2. The vulnerability was published on June 11, 2024, with a subsequent modification on July 9, 2024. Siemens has identified this vulnerability as affecting their SIPLUS TIM 1531 IRC and TIM 1531 IRC industrial communication modules, which incorporate the vulnerable kernel component. The CVSS 3.1 score of 7.0 (HIGH) reflects a local attack vector, high attack complexity, and low privileges required, with potential for high impact on confidentiality, integrity, and availability. Siemens addresses this issue in firmware version V2.4.8 or later.
- Vendor: Siemens
- Product: SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0)
- CVSS: HIGH 7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-02-13
- Original CVE updated: 2024-02-13
- Advisory published: 2024-02-13
- Advisory updated: 2024-02-13
Who should care
Organizations operating Siemens TIM 1531 IRC or SIPLUS TIM 1531 IRC industrial communication modules in manufacturing, process control, or critical infrastructure environments. System administrators responsible for Linux-based industrial systems using SAA7134 video capture hardware. Security teams managing OT/ICS environments with embedded Linux components.
Technical summary
The vulnerability is a use-after-free condition in the saa7134_finidev function, part of the SAA7134 video capture driver in the Linux kernel. This driver is used for PCI-based TV tuner and video capture cards. The use-after-free occurs during device finalization, potentially allowing a local attacker with low privileges to trigger memory corruption. The attack complexity is high because of a race condition or specific timing requirements. Successful exploitation could result in elevation of privileges, denial of service, or information disclosure. The vulnerability is resolved in Linux kernel 6.3.2 and later. Siemens has incorporated this kernel fix into firmware version V2.4.8 for their TIM 1531 IRC product family.
Defensive priority
HIGH
Recommended defensive actions
- Apply Siemens firmware update to version V2.4.8 or later for affected TIM 1531 IRC and SIPLUS TIM 1531 IRC devices
- Verify kernel version on affected systems and upgrade to Linux kernel 6.3.2 or later where feasible
- Review network segmentation for affected industrial control systems to limit local access vectors
- Monitor CISA ICS advisories for additional guidance on industrial control system security practices
- Consult Siemens product security advisory SSA-337522 for detailed patch deployment procedures
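For general-purpose Linux hosts (not the Siemens modules, where the firmware version is the check), the kernel-version step above can be scripted as follows. This is an added example, not code from Siemens, CISA, or this site; the function names are hypothetical, and a release below 6.3.2 only means the distribution's changelog must be checked, because vendors backport fixes without changing the upstream version number.

```shell
#!/bin/sh
# Added example: triage a Linux host for CVE-2023-35823 (saa7134 use-after-free).
# FIXED comes from this page; all function names are hypothetical.
FIXED="6.3.2"

# Reduce a `uname -r` string to numeric x.y.z: "6.4-rc1" -> "6.4.0".
normalize_release() {
    v=$(printf '%s\n' "$1" |
        sed -n 's/^\([0-9][0-9]*\(\.[0-9][0-9]*\)\{0,2\}\).*/\1/p')
    [ -n "$v" ] || return 1
    case "$v" in
        *.*.*) ;;
        *.*)   v="$v.0" ;;
        *)     v="$v.0.0" ;;
    esac
    printf '%s\n' "$v"
}

# Exit 0 if release $1 >= FIXED, 1 if older, 2 if it cannot be parsed.
kernel_at_or_above_fix() {
    cur=$(normalize_release "$1") || return 2
    old_ifs=$IFS; IFS=.
    set -- $cur $FIXED          # $1..$3 = current, $4..$6 = fixed
    IFS=$old_ifs
    if [ "$1" -ne "$4" ]; then [ "$1" -gt "$4" ]; return; fi
    if [ "$2" -ne "$5" ]; then [ "$2" -gt "$5" ]; return; fi
    [ "$3" -ge "$6" ]
}

# Exit 0 if the saa7134 core module appears in a /proc/modules-format file.
saa7134_loaded() {
    awk '$1 == "saa7134" { found = 1 } END { exit !found }' "${1:-/proc/modules}"
}

# Print one verdict for kernel release $1 and modules file $2.
triage() {
    rc=0
    kernel_at_or_above_fix "$1" || rc=$?
    case $rc in
        0) echo "upstream-fixed" ;;
        2) echo "unknown-release" ;;
        *) if saa7134_loaded "$2"; then
               echo "check-backport:driver-loaded"
           else
               echo "check-backport:driver-not-loaded"
           fi ;;
    esac
}
# On a host: triage "$(uname -r)" /proc/modules
```

The module check only sees drivers built as loadable modules; a kernel with saa7134 compiled in will not list it in /proc/modules.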
Evidence notes
The vulnerability description is sourced from the official CVE record and CISA CSAF advisory ICSA-24-165-06. Siemens product impact is confirmed through their security advisory SSA-337522. The remediation guidance specifying firmware version V2.4.8 or later is derived from the CISA CSAF remediation data.
Official resources
- CVE-2023-35823 CVE record (CVE.org)
- CVE-2023-35823 NVD detail (NVD)
- Source item URL (cisa_csaf)
This vulnerability was disclosed through coordinated disclosure. The CVE was published on June 11, 2024, and subsequently modified on July 9, 2024. CISA published advisory ICSA-24-165-06 on June 11, 2024, with an update on July 9, 2024.